Electronic signature versus digital signature: what’s the difference?

It is very common to see the terms electronic signature and digital signature used as synonyms. Many people believe that their meanings are identical. However, these solutions are not interchangeable and have different uses.

Therefore, in this post we are going to define these concepts and their characteristics so you can recognise the main differences between them.

Technology for digital communication

For years, companies have been using a large number of electronic communication solutions to certify digital identities or protect communications on a network. Within this market, the electronic signature and digital signature have led the way in this business transformation.

However, it is still necessary to clarify these concepts, due to the confusion from users who, despite being more and more knowledgeable about technology, often think that an electronic signature and a digital one are the same.

Therefore, although they share certain characteristics, they are different. We look at each of them below and the reasons why they have become so widely used in both the private and public sector.

What is an electronic signature?

In one phrase, we can say that an electronic signature is a legal concept whose objective is to certify the will of the signatory.

It means “data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign”, according toRegulation (EU) No. 910/2014, known as the eIDAS Regulation, which establishes a common legal framework for electronic signatures in the European Union.

The electronic signature is therefore a set of electronic data that accompany certain information that is also in electronic format. Performing an electronic signature means that a legal person verifies an action or procedure through an electronic medium, leaving a record of the date and time of the same.

There are different types of electronic signatures, each with their own set of requirements and methods. An advanced electronic signature, for example, must comply with the requirements established in article 26 of European Regulation 910/2014:

Be uniquely linked to the signatory.- A single person behind each electronic signature.

Allow identification of the signatory.- At Signaturit, to comply with this requirement, we capture the biometric data of the photograph, their geolocation, the data from the device where the signature is and we can even, if necessary, capture the image, voice or identity document through OCR technology.

Have been created using creation data from the electronic signature that the signatory can use with a high level of trust, under their exclusive control.- Signaturit’s advanced electronic signature is made directly from the signatory’s device (computer, tablet or mobile phone) and can only be accessed through their private account (electronic email).

Be linked to the data signed by the same in a way that any ulterior modification of the same is detectable.- At Signaturit, thanks to the fact that we use a public/private key system, all documentation generated is coded and the data has a guarantee of integrity at all times thanks to the fact that we use a Time Stamp Authority.

An electronic signature is a legal concept

What is a digital signature?

A digital signature is a specific technical implementation of some electronic signatures by applying cryptographic algorithms. Therefore, they refer to the coded/decoded technology in which some electronic signatures, such as the advanced one, are based.

The digital signature is a set of characters that are added at the end of a document or the body of a message to certify or show validity and security. They are therefore used to identify the person issuing said message and to certify the veracity that the document has not been modified with respect to the original.

The digital signature is like a lock on a document. It requires the existence of an official certificate issued by a body or institution that validates the signature and the identity of the person performing it.

The digital signature is based on public key cryptography systems that satisfy the definition requirements of an advanced electronic signature.

Their operation is specifically based on applying a mathematical algorithm to the content of a document and then applying signature’s algorithm, in which a private key is used, to the result of the previous operation, in this way generating the signature of the electronic document.

What is the difference between a digital signature and an electronic signature?

The main one is that while a digital signature makes reference to a series of cryptographic methods, the concept of the electronic signature is of a fundamentally legal nature, since it confers a regulatory framework to the signature that gives it legal validity.

The digital signature is also legal but it does not have a legal nature per se, in the sense that its objective is NOT to certify an act of will on behalf of the signatory but just to encrypt the data in a document to give it greater security.

Electronic signature is a generic expression and much broader regarding electronic data. A digital signature is a signature with public-key based cryptography.

In this way, the digital signature prevents identity impersonation and allows authentication and identification in all types of processes, such as administrative, bureaucratic, tax, etc.

What an electronic signature solution based on digital signature technology really means is this capacity to collect electronic evidence of integrity and identification. The more evidence is captured during the signature process, the greater the possibilities that the signed document is accepted in a court of justice.

And although many electronic signature solutions on the market may comply with the basic requirements established for a simple electronic signature, not all comply with requirements for the advanced one based on digital signature technology.

Conclusion

The digital signature is therefore a fundamental part of the advanced electronic signature but not the simple electronic signature (PIN entered at a bank’s automatic cash machine or by clicking on an "accept" box).

This type of electronic signature cannot attribute the signature to a specific signatory, so it does not have the characteristics of a digital signature.

All digital signatures are electronicbut not all electronic signatures are digital

The best thing is when the two signatures combine, such as in Signaturit’s advanced electronic signature, so there is:

legally binding electronic evidence

peace of mind for both parties

a fast, efficient and legal flow of signing documents

If you want more information, get in touch with us through the following form, or call us directly on +34 93 551 14 80.